Vulnerabilities > CVE-2007-1873 - Cross-Site Scripting vulnerability in Mephisto 0.7.3

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
mephisto
exploit available

Summary

Cross-site scripting (XSS) vulnerability in Mephisto 0.7.3 allows remote attackers to inject arbitrary web script or HTML via the q parameter to the search script.

Vulnerable Configurations

Part Description Count
Application
Mephisto
1

Exploit-Db

descriptionMephisto Blog 0.7.3 Search Function Cross-Site Scripting Vulnerability. CVE-2007-1873 . Webapps exploit for php platform
idEDB-ID:29780
last seen2016-02-03
modified2007-03-26
published2007-03-26
reporterThe[Boss]
sourcehttps://www.exploit-db.com/download/29780/
titleMephisto Blog 0.7.3 - Search Function Cross-Site Scripting Vulnerability

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/55890/CVE-2007-1873.txt
idPACKETSTORM:55890
last seen2016-12-05
published2007-04-12
reporterHanno Boeck
sourcehttps://packetstormsecurity.com/files/55890/CVE-2007-1873.txt.html
titleCVE-2007-1873.txt